bitwarden/server
1
0
Fork 0
mirror of https://github.com/bitwarden/server synced 2026-01-04 09:33:40 +00:00
Code Issues Releases Wiki Activity

Use sas token for attachment downloads (#1153)

Browse Source 
* Get limited life attachment download URL

This change limits url download to a 1min lifetime.
This requires moving to a new container to allow for non-public blob
access.

Clients will have to call GetAttachmentData api function to receive the download
URL. For backwards compatibility, attachment URLs are still present, but will not
work for attachments stored in non-public access blobs.

* Make GlobalSettings interface for testing

* Test LocalAttachmentStorageService equivalence

* Remove comment

* Add missing globalSettings using

* Simplify default attachment container

* Default to attachments containe for existing methods

A new upload method will be made for uploading to attachments-v2.
For compatibility for clients which don't use these new methods, we need
to still use the old container. The new container will be used only for
new uploads

* Remove Default MetaData fixture.

* Keep attachments container blob-level security for all instances

* Close unclosed FileStream

* Favor default value for noop services
This commit is contained in:
Matt Gibson
2021-02-22 15:35:16 -06:00
committed by GitHub
parent 78606d5f13
commit 5537470703
177 changed files with 694 additions and 178 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
src/Core/Services/IAttachmentStorageService.cs
View File

@@ -1,4 +1,5 @@
using Bit.Core.Models.Table;
using Bit.Core.Models.Data;
using Bit.Core.Models.Table;
using System;
using System.IO;
using System.Threading.Tasks;
@@ -7,14 +8,15 @@ namespace Bit.Core.Services
{
public interface IAttachmentStorageService
{
Task UploadNewAttachmentAsync(Stream stream, Cipher cipher, string attachmentId);
Task UploadShareAttachmentAsync(Stream stream, Guid cipherId, Guid organizationId, string attachmentId);
Task StartShareAttachmentAsync(Guid cipherId, Guid organizationId, string attachmentId);
Task RollbackShareAttachmentAsync(Guid cipherId, Guid organizationId, string attachmentId);
Task UploadNewAttachmentAsync(Stream stream, Cipher cipher, CipherAttachment.MetaData attachment);
Task UploadShareAttachmentAsync(Stream stream, Guid cipherId, Guid organizationId, CipherAttachment.MetaData attachment);
Task StartShareAttachmentAsync(Guid cipherId, Guid organizationId, CipherAttachment.MetaData attachmentData);
Task RollbackShareAttachmentAsync(Guid cipherId, Guid organizationId, CipherAttachment.MetaData attachmentData, string originalContainer);
Task CleanupAsync(Guid cipherId);
Task DeleteAttachmentAsync(Guid cipherId, string attachmentId);
Task DeleteAttachmentAsync(Guid cipherId, CipherAttachment.MetaData attachment);
Task DeleteAttachmentsForCipherAsync(Guid cipherId);
Task DeleteAttachmentsForOrganizationAsync(Guid organizationId);
Task DeleteAttachmentsForUserAsync(Guid userId);
Task<string> GetAttachmentDownloadUrlAsync(Cipher cipher, CipherAttachment.MetaData attachmentData);
}
}